Prepping For The Next Disaster: Four Lessons Learned From The Estes Cyberattack

Desptop photo as background with colorful VR cyberattack interface. Cyber security data protection business technology. Protection against dangers.

Sometimes the only good thing you can say about a month is that it’s over. Just ask Estes Express, which spent much of October recovering from an especially wicked and widespread cyberattack.

Like AFS, you probably watched the story unfold in real time since the news of it broke while many of us were at CSCMP Edge, and each chapter was extensively covered by the industry trades.

The question is, what have you done since then? Because based on the scope, duration and ultimately successful resolution of this latest supply chain cyber disaster, there are a lot of important lessons that all of us could stand to learn – and that we should begin to apply ASAP.

Lesson One: Pessimism Pays

Since we just celebrated Halloween, let’s start by addressing the scary fact that cyber security tools, no matter how advanced, aren’t always enough to protect your company from a cyberattack.

The folks at Estes were undeniably realistic about this, which is why they already had a detailed and extensively tested cyber contingency plan in place.

If your company has a similar plan – and it should – now’s the time to revisit it in light of the challenges and roadblocks you saw Estes grapple with over the past month. The specifics of their experience offer one of the most updated keys to the cyber emergency preparedness test there is.

Did any of the functions that were disabled as a result of the Estes cyberattack surprise you? Could you have weathered an extensive outage that lasted as long as theirs did? Or does your current plan only account for being partially offline for a few days at most? Furthermore, would your company have a comparable ability to quickly deploy alternative methods of getting your day-to-day work completed?

Use your answers to those questions (and more) to build an even better and stronger plan than the one you had in place a month or two ago. Then take the time to test and refine it with the help of tools like supply chain simulations.

Lesson Two: Sometimes Throwback = Fallback

We live in a world where new is usually considered to be better – and where all roads lead to digital transformation. But what happens when new-and-improved suddenly becomes new-and-impaired?

In many cases, the best solution could involve looking in the rear-view mirror and taking a trip down old school lane – as Estes did when it temporarily reverted to paper-based, manual processes like employing hard copies of Bills of Lading.

While these throwback solutions weren’t sexy, they were effective enough to keep freight moving through Estes’ system when their systems situation was at its most dire – and when push comes to shove, that’s what counted most.

Remember that example as your company moves forward with its own digital and automation journey, bearing in mind that even though it may be tempting to toss out your older, less sophisticated SOPs once more advanced ones are in place, it’s not necessarily wise. In the long run, the reliability they offer could wind up being one of the most agile Plan Bs you have.

Lesson Three: Your Cyber Security Budget Should Grow Faster Than Your IT Budget

Here’s another scary thought: Each time a business like Estes digitizes another business activity (and it had recently done so with quite a few) it significantly increases its cyber risk, perhaps exponentially so.

Freightwaves observed as much when it wrote this after a 2021 cyberattack on another industry leader: “The digital renaissance that has swept across transportation and logistics companies has been a good thing for . . . supply chain connectivity and visibility” but a potentially bad thing for cybersecurity because, “companies can end up introducing vulnerabilities if they’re not careful.” In fact, one industry executive who was interviewed for that story went so far as to say that, “every digital transformation a company puts in place is a potential security incident.”

While this added risk shouldn’t deter your business from pursuing digital progress, it should inspire you to make sure that any plans you have for digital expansion come complete with plans for even more substantial cyber security upgrades, even if it means spending a bit less on the former. Otherwise, you could be opening the door to becoming the next cautionary tale.

Lesson Four: We’re All In This Together

On a final note, let’s take a moment to focus on all of the things that Estes and the industry as a whole did well during this crisis, because there were a myriad.

For its part, Estes did an excellent job of using alternate channels to facilitate two-way communications with its customers including setting up a form on X (formerly Twitter) and using employees’ personal cell phones to convey important information. It also was extremely proactive in sharing the latest updates with customers and the public at large via X, YouTube, the industry trades and other non-company channels. And it was spot-on in terms of figuring out the timeline of which systems to bring back online first.

The industry’s other LTLs stepped up to the plate by being willing and able to absorb some of Estes’ freight volumes without, in most cases, resorting to opportunistic pricing.

And the media and other industry players refrained from piling on and kicking a company when it was down – and rightfully so. After all, as our industry becomes increasingly digitized, incidents like this are likely to become far more common and far more likely to happen to just about anyone. Which is all the more reason for all of us to continue addressing this issue (and its possible solutions) collaboratively rather than competitively.

On behalf of all of us at AFS, thank you for letting us talk turkey with you about this and so many other tough subjects this year. Feel free to give us a call at 318.798.21111 about this issue and any others that could affect your long-term LTL spend, and happiest of Thanksgivings from our company to yours.

Learn More



Sign-up for the AFS Newsletter

Receive news updates and insights delivered straight to your inbox.

Download the Full Q1:2023
Cowen/AFS Freight Index

Reach out to our team by
phone or email

Become a carrier

First name:
Last name:

Motor Carrier #:

First name:
Last name:

AFS client name:
PRO #:
Invoice Date:
Payment Received Date:
Invoice Amount:

Other carrier inquiries

First name:
Last name:

AFS client name:

Have you tried logging in to vendor portal?

If you do not have a vendor log-in, please fill out the following.

First name:
Last name:

Have my account manager contact me

First name:
Last name:


AFS is directing carriers and customers to direct all inbound invoices to [email protected] or via established electronic submission, such as EDI or eSubmit to avoid processing delays due to the impacts of the COVID-19 countermeasures and service interruptions at the United States Postal Service.

Carriers should contact Carrier Support via email at [email protected] in lieu of calls. We have added additional resources and later hours to assist you and email will serve as the method for fastest response. Please send an aging report with your inquiry so that we may provide you the most current status.

Thank you!